In the Claims 

Claims 9, 17, and 22 are currently amended. 

Claims 1-8, 15-16 and 24-32 have previously been withdrawn. 

Claims 9-14 and 17-23 are pending and listed below. 

1.-8. (Withdrawn) 

9. (Currently Amended) A method comprising: 

receiving a credential from a user at an input device in communication with 
a local machine having an OS , the local machine capable of being in 
communication with a plurality of different input devices each configured to 
enable the user to log on with the OS to access the local machine ; 

translating the credential with one o f a plurality of different coexisting 
credential provider modules for translating respectively different types of 
credentials into a common credential protocol , the plurality of different coexisting 
credential provider modules also enabling the user to log on with the OS to access 
the local machine with each corresponding different input device that is in 
communication with local machine ; [[ and]] 

using a component of the OS to authenticate the translated credential 
having the common credential protocol against a credential database; and 

logging the user on with the OS to access the local machine when the 
authentication is successful. 



2 



10. (Original) The method as defined in Claim 9, wherein the logging of 
the user on further comprises logging the user on to the local machine after a 
plurality of said credentials have been received, translated by a respective said 
different coexisting credential provider module, and authenticated successfully. 

11. (Original) The method as defined in Claim 9, wherein the user is not 
logged on to the local machine at the time when the translated credentials are 
authenticated. 

12. (Original) The method as defined in Claim 9, wherein the use of the 
component of the OS to authenticate the translated credential having the common 
credential protocol against the credential database further comprises: 

communicating the translated credential to an LSA; and 
determining the authentication with the LSA against the credential database 
that is selected from the group consisting of: 
a SAM database; 

a local database other than the SAM database; 

a remote credential database; 

a token protocol credential service; 

a challenge and response protocol service; and 

an AD and KDC at a domain remote from the local machine. 
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13. (Original) The method as defined in Claim 9, wherein each said 
credential provider module is interoperable, through a credential provider API, to 
the component of the OS. 

14. (Original) A computer-readable medium comprising instructions 
that, when executed by a computer, perform the method of Claim 9. 

15. -16. (Withdrawn) 

17. (Original) A method comprising: 

receiving a credential from a user at an input device in communication with 
a local machine having an OS , the local machine capable of being in 
communication with a plurality of different input devices, each capable of 
receiving a credential from the user to enable the user to log on to access the local 
machine with the OS ; 

translating the credential with a credential provider module that 
corresponds to the input device, wherein: 

the credential provider module is one of a plurality of coexisting 

different said credential provider modules; and 

each said credential provider module can perform a translation of a 

respectively different type of said credential received at a different said 

input device in communication with the local machine; and 
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each said translation of each said credential is in a common 
credential protocol; 

communicating the translated credential having the common credential 
protocol through a credential provider interface to a logon UI routine of the OS; 

passing the translated credential having the common credential protocol to 
a logon routine of the OS from the logon UI routine; 

authenticating the translated credential against a credential database with 
the logon routine of the OS; and 

logging the user on to access the local machine with the OS when the 
authentication is successful. 

18. (Original) The method as defined in Claim 17, wherein the logging 
the user on to access the local machine with the OS further comprises deferring the 
logging on of the user to access the local machined until the receiving, the 
translating, the communicating, the passing, and the aumenticating successfully 
have been repeated for each of a plurality of said credentials. 

19. (Original) The method as defined in Claim 17, wherein the user is 
not logged on to access the local machine when the translated credentials are 
authenticated against the credential database with the logon routine of the OS. 
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20. (Original) The method as defined in Claim 17, wherein the 
authenticating of the translated credential against the credential database with the 
logon routine of the OS further comprises: 

communicating the translated credential to an LSA from the logon routine 
of the OS; and 

determining the authentication with the LSA against the credential database 
that is selected from the group consisting of: 
a SAM database; 

a local database other than the SAM database; 

a remote credential database; 

a token protocol credential service; 

a challenge and response protocol service; and 

an AD and KDC at a domain remote from the local machine. 

21. (Original) A computer-readable medium comprising instructions 
that, when executed by a computer, perform the method of Claim 17. 

22. (Currently Amended) A computer-readable medium comprising a 
credential provider module including instructions that, when executed by a local 
machine having an OS, receive and translate a credential into a credential protocol 
so as to be compatible for authentication by an authentication component of the 
OS against a credential database for logging a user identified by the credential on 
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with the OS to access the local machine when the authentication is successful, 
wherein: 

the translated credential can be received via an interface to the 
authentication component of the OS; 

the interface to the authentication component of the OS is compatible for 
receiving each of a plurality of said credentials from a corresponding plurality of 
different coexisting credential provider modules; and 

each said different coexisting credential provider module can: 

receive a respective different type of said credential from a 

respective input device , each respective input device capable of coupling to 

the local machine and enabling the user to log on with the OS to access the 

local machine : and 

translate each said different type of said credential into the credential 

protocol so as to be compatible for authentication by the authentication 

component of the OS against the credential database. 

23. (Original) The computer-readable medium as defined in Claim 22, 
wherein the authentication component of the OS comprises: 
a logon UI module; 

an OS logon module for receiving Remote Procedure Call (RPC) calls from 
the log UI module; and 

an LSA for determining the authentication, and in communication with, the 
credential database that is selected from the group consisting of: 
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a SAM database; 

a local database other than the SAM database; 

a remote credential database; 

a token protocol credential service; 

a challenge and response protocol service; and 

an AD and KDC at a domain remote from the local machine. 



-32. (Withdrawn) 



